公开(公告)号：US20200348361A1

公开(公告)日：2020-11-05

申请号：US16403296

申请日：2019-05-03

Applicant: Tsvika Kurts ,  Boris Dolgunov ,  Vladislav Mladentsev ,  Ittai Anati ,  Elias Khoury ,  Maor Kima ,  Eran Shlomo ,  Shay Gueron ,  William Penner

Inventor： Tsvika Kurts ,  Boris Dolgunov ,  Vladislav Mladentsev ,  Ittai Anati ,  Elias Khoury ,  Maor Kima ,  Eran Shlomo ,  Shay Gueron ,  William Penner

IPC: G01R31/317 ,  G06F11/263 ,  H04L9/08 ,  H04L9/32 ,  H04L9/06 ,  G06F16/22 ,  G01R31/3177

Abstract: Systems and techniques of the present disclosure may provide remote debugging of an integrated circuit (IC) device while preventing unauthorized access of device intellectual property (IP). A system may include an IC device that generates an encrypted session key and an interface that enables communication between the IC device and a remote debugging site. The interface may enable the IC device to send the encrypted the encrypted session key to initiate a remote debug process, receive an acknowledgement from the remote debugging session, and authenticate the acknowledgement. Further, the interface may enable to the IC device to initiate a secure debug session between the IC device and the remote debugging site.

公开(公告)号：US09559848B2

公开(公告)日：2017-01-31

申请号：US14467425

申请日：2014-08-25

Applicant: Shay Gueron

Inventor： Shay Gueron

IPC: H04L9/32 ,  H04L9/08

CPC classification number: G06F12/1408 ,  G06F21/72 ,  G06F21/73 ,  G06F21/74 ,  G06F2212/1052 ,  G06F2221/2107 ,  H04L9/0637 ,  H04L9/0894 ,  H04L9/3226 ,  H04L63/083

Abstract: Embodiments of an invention for method, apparatus, and instructions for safely storing secrets in system memory are disclosed. In one embodiment, a processor includes a hardware key, an instruction unit, and an encryption unit. The instruction unit is to receive an encryption instruction and a compare instruction. The encryption instruction is to have a first plaintext input value. The compare instruction is to have a second plaintext input value. The encryption unit is to, in response to the encryption instruction, encrypt the first plaintext input value using the hardware key to generate a ciphertext value, and, in response to the compare instruction, decrypt the ciphertext value using the hardware key to generate a plaintext output value and compare the plaintext output value to the second plaintext input value.

Abstract translation: 公开了用于在系统存储器中安全地存储秘密的方法，装置和指令的发明的实施例。 在一个实施例中，处理器包括硬件密钥，指令单元和加密单元。 指令单元接收加密指令和比较指令。 加密指令是具有第一个明文输入值。 比较指令是具有第二个明文输入值。 加密单元响应于加密指令，使用硬件密钥对第一明文输入值进行加密，以生成密文值，并且响应于比较指令，使用硬件密钥解密密文值以生成明文 输出值，并将明文输出值与第二个明文输入值进行比较。

公开(公告)号：US20160179470A1

公开(公告)日：2016-06-23

申请号：US14581973

申请日：2014-12-23

Applicant: Shay Gueron ,  Vlad Krasnov

Inventor： Shay Gueron ,  Vlad Krasnov

IPC: G06F7/523 ,  G06F7/50

CPC classification number: G06F7/523

Abstract: An apparatus and method are described for performing big integer arithmetic operations. For example, one embodiment of a processor comprises: a first source register to store a first 256-bit integer operand; a second source register to store a second 256-bit integer operand; and multiplication logic comprising a set of multipliers and adders to perform a multiplication of the first and second 256-bit integer operands to generate a 512-bit result responsive to a 256-bit multiplication instruction, the multiplication logic to convert a radix representation of the first and second 256-bit integer operands from a first radix representation to a second radix representation selected based on a size of the multipliers and adders used to perform the multiplication and generate a result, and then to convert the result back to the first radix representation.

Abstract translation: 描述了用于执行大整数运算的装置和方法。 例如，处理器的一个实施例包括：第一源寄存器，用于存储第一256位整数操作数; 第二个源寄存器，用于存储第二个256位整数操作数; 以及乘法逻辑，其包括一组乘法器和加法器，以执行第一和第二256位整数操作数的乘法，以响应于256位乘法指令产生512位结果，乘法逻辑转换 基于用于执行乘法并生成结果的乘法器和加法器的大小而选择的从第一基数表示到第二基数表示的第一和第二256位整数操作数，然后将结果转换回第一基数表示 。

公开(公告)号：US20150378941A1

公开(公告)日：2015-12-31

申请号：US14318508

申请日：2014-06-27

Applicant: Carlos V. Rozas ,  Ilya Alexandrovich ,  Gilbert Neiger ,  Francis X. McKeen ,  Ittai Anati ,  Vedvyas Shanbhogue ,  Shay Gueron

Inventor： Carlos V. Rozas ,  Ilya Alexandrovich ,  Gilbert Neiger ,  Francis X. McKeen ,  Ittai Anati ,  Vedvyas Shanbhogue ,  Shay Gueron

IPC: G06F13/24 ,  G06F12/08

CPC classification number: G06F13/24 ,  G06F12/08 ,  G06F12/0806 ,  G06F12/0875 ,  G06F21/00 ,  G06F21/71 ,  G06F21/85 ,  G06F2212/1024 ,  G06F2212/1052 ,  G06F2212/62

Abstract: Instructions and logic interrupt and resume paging in secure enclaves. Embodiments include instructions, specify page addresses allocated to a secure enclave, the instructions are decoded for execution by a processor. The processor includes an enclave page cache to store secure data in a first cache line and in a last cache line for a page corresponding to the page address. A page state is read from the first or last cache line for the page when an entry in an enclave page cache mapping for the page indicates only a partial page is stored in the enclave page cache. The entry for a partial page may be set, and a new page state may be recorded in the first cache line when writing-back, or in the last cache line when loading the page when the instruction's execution is being interrupted. Thus the writing-back, or loading can be resumed.

Abstract translation: 指令和逻辑在安全飞地中中断和恢复寻呼。 实施例包括指令，指定分配给安全空间的页面地址，指令被解码以供处理器执行。 处理器包括用于将安全数据存储在与页面地址对应的页面的第一高速缓存行中的最后高速缓存行中的一个包围页面缓存。 当页面的飞地页面缓存映射中的条目仅指示部分页面存储在飞地页面缓存中时，从页面的第一个或最后一个高速缓存行读取页面状态。 可以设置部分页面的条目，并且当写回时可以在第一高速缓存行中记录新的页面状态，或者当指令的执行中断时在最后的高速缓存行中加载页面时。 因此，可以恢复回写或加载。

公开(公告)号：US20150033034A1

公开(公告)日：2015-01-29

申请号：US13949110

申请日：2013-07-23

Applicant: Gideon Gerzon ,  Shay Gueron ,  Simon P. Johnson ,  Francis X. Mckeen ,  Carlos V. Rozas ,  Uday R. Savagaonkar ,  Vincent R. Scarlata ,  Ittai Anati

Inventor： Gideon Gerzon ,  Shay Gueron ,  Simon P. Johnson ,  Francis X. Mckeen ,  Carlos V. Rozas ,  Uday R. Savagaonkar ,  Vincent R. Scarlata ,  Ittai Anati

IPC: H04L9/32 ,  G06F12/14

CPC classification number: H04L9/3239 ,  G06F9/3004 ,  G06F12/1441 ,  G06F21/71 ,  G06F2221/2111

Abstract: Embodiments of an invention for measuring a secure enclave are disclosed. In one embodiment, a processor includes an instruction unit and an execution unit. The instruction unit is to receive a first, a second, and a third instruction. The execution unit is to execute the first, the second, and the third instruction. Execution of the first instruction includes initializing a measurement field in a control structure of a secure enclave with an initial value. Execution of the second instruction includes adding a region to the secure enclave. Execution of the third instruction includes measuring a subregion of the region.

Abstract translation: 公开了用于测量安全飞地的发明的实施例。 在一个实施例中，处理器包括指令单元和执行单元。 指令单元将接收第一，第二和第三指令。 执行单元执行第一，第二和第三指令。 执行第一指令包括初始化具有初始值的安全飞地的控制结构中的测量场。 执行第二条指令包括将一个区域添加到安全飞地。 执行第三条指令包括测量该区域的一个子区域。

公开(公告)号：US08923510B2

公开(公告)日：2014-12-30

申请号：US11966658

申请日：2007-12-28

Applicant: Shay Gueron ,  Michael E. Kounavis ,  Ram Krishnamurthy ,  Sanu K. Mathew

Inventor： Shay Gueron ,  Michael E. Kounavis ,  Ram Krishnamurthy ,  Sanu K. Mathew

IPC: H04L9/00 ,  G06F7/00

CPC classification number: H04L9/0631 ,  G06F7/00 ,  G06F9/30007 ,  G06F9/30112 ,  G06F9/30145 ,  G06F9/30149 ,  G06F9/30196 ,  G06F9/3887 ,  G06F21/602 ,  H04L2209/34

Abstract: Implementations of Advanced Encryption Standard (AES) encryption and decryption processes are disclosed. In one embodiment of S-box processing, a block of 16 byte values is converted, each byte value being converted from a polynomial representation in GF(256) to a polynomial representation in GF((22)4). Multiplicative inverse polynomial representations in GF((22)4) are computed for each of the corresponding polynomial representations in GF((22)4). Finally corresponding multiplicative inverse polynomial representations in GF((22)4) are converted and an affine transformation is applied to generate corresponding polynomial representations in GF(256). In an alternative embodiment of S-box processing, powers of the polynomial representations are computed and multiplied together in GF(256) to generate multiplicative inverse polynomial representations in GF(256). In an embodiment of inverse-columns-mixing, the 16 byte values are converted from a polynomial representation in GF(256) to a polynomial representation in GF((24)2). A four-by-four matrix is applied to the transformed polynomial representation in GF((24)2) to implement the inverse-columns-mixing.

Abstract translation: 公开了高级加密标准（AES）加密和解密过程的实现。 在S盒处理的一个实施例中，转换16字节值的块，每个字节值从GF（256）中的多项式表示转换为GF（（22）4）中的多项式表示。 对于GF（（22）4）中的每个对应多项式表示，计算GF（（22）4）中的乘法逆多项式表示。 最后，对GF（（22）4）中的相应的乘法逆多项式表示进行转换，并应用仿射变换以在GF（256）中生成对应的多项式表示。 在S盒处理的替代实施例中，计算多项式表示的幂并在GF（256）中相乘，以在GF（256）中生成乘法逆多项式表示。 在反列混合的实施例中，将16字节值从GF（256）中的多项式表示转换为GF（（24）2）中的多项式表示。 将四乘四矩阵应用于GF（（24）2）中的变换多项式表示，以实现反列混合。

公开(公告)号：US08856547B2

公开(公告)日：2014-10-07

申请号：US13491207

申请日：2012-06-07

Applicant: Shay Gueron ,  Vlad Krasnov

Inventor： Shay Gueron ,  Vlad Krasnov

IPC: G06F21/00

CPC classification number: G09C1/00 ,  G06F9/30007 ,  G06F9/30036 ,  G06F9/3895 ,  H04L9/0643 ,  H04L2209/125

Abstract: A processing apparatus comprises logic to, according to a selected secure hash algorithm (SHA) algorithm, generate hash values by preparing message schedules for a plurality of message blocks in parallel using single instruction multiple date (SIMD) instructions and performing compression in serial, and logic to generate a message digest conforming to the secure hash algorithm (SHA) algorithm.

Abstract translation: 一种处理装置包括根据所选择的安全散列算法（SHA）算法，通过使用单指令多重日期（SIMD）指令并行执行串行的并行执行多个消息块的消息调度来生成散列值的逻辑，以及 生成符合安全散列算法（SHA）算法的消息摘要的逻辑。

公开(公告)号：US08787565B2

公开(公告)日：2014-07-22

申请号：US11841556

申请日：2007-08-20

Applicant: Shay Gueron ,  Martin G. Dixon ,  Srinivas Chennupaty ,  Mayank Bomb ,  Brent R. Boswell

Inventor： Shay Gueron ,  Martin G. Dixon ,  Srinivas Chennupaty ,  Mayank Bomb ,  Brent R. Boswell

IPC: H04K1/00 ,  H04L9/00

CPC classification number: H04L9/28 ,  G06F9/30007 ,  H04L9/0631 ,  H04L2209/125 ,  H04L2209/24

Abstract: An Advanced Encryption Standard (AES) key generation assist instruction is provided. The AES key generation assist instruction assists in generating round keys used to perform AES encryption and decryption operations. The AES key generation instruction operates independent of the size of the cipher key and performs key generation operations in parallel on four 32-bit words thereby increasing the speed at which the round keys are generated. This instruction is easy to use in software. Hardware implementation of this instruction removes potential threats of software (cache access based) side channel attacks on this part of the AES algorithm.

Abstract translation: 提供了高级加密标准（AES）密钥生成辅助指令。 AES密钥生成辅助指令有助于生成用于执行AES加密和解密操作的循环密钥。 AES密钥生成指令独立于密码密钥的大小，并行执行四个32位字的密钥生成操作，从而增加生成循环密钥的速度。 该指令在软件中易于使用。 该指令的硬件实现可以消除这部分AES算法对软件（基于缓存访问的）侧面信道攻击的潜在威胁。

公开(公告)号：US08776248B2

公开(公告)日：2014-07-08

申请号：US13356740

申请日：2012-01-24

Applicant: Shay Gueron ,  Konstantin Levit-Gurevich ,  Boaz Ouriel ,  Israel Hirsh

Inventor： Shay Gueron ,  Konstantin Levit-Gurevich ,  Boaz Ouriel ,  Israel Hirsh

IPC: G06F21/00

CPC classification number: G06F9/4406 ,  G06F21/575 ,  G06F2221/2105

Abstract: Machine-readable media, methods, apparatus and system for booting a processing system are described. In an embodiment, whether to launch an open operating system or a closed operating system to boot a processing system may be determined. A key may be retrieved from a processor register of the processing system and used to decrypt an encrypted version of the closed operating system based at least in part on a determination of booting the processing system with the closed operating system. In another embodiment, the processor register stored with the key may be flushed based at least in part on a determination of booting the processing system with the open operating system.

Abstract translation: 描述了用于引导处理系统的机器可读介质，方法，装置和系统。 在一个实施例中，可以确定是否启动打开的操作系统或封闭的操作系统以引导处理系统。 密钥可以从处理系统的处理器寄存器检索，并且用于至少部分地基于使用封闭操作系统引导处理系统的确定来解密封闭操作系统的加密版本。 在另一个实施例中，可以至少部分地基于使用打开的操作系统引导处理系统的确定来刷新存储有密钥的处理器寄存器。

公开(公告)号：US20130332742A1

公开(公告)日：2013-12-12

申请号：US13490931

申请日：2012-06-07

Applicant: Shay GUERON ,  Vlad KRASNOV

Inventor： Shay GUERON ,  Vlad KRASNOV

IPC: G06F21/00 ,  H04L9/28

CPC classification number: G09C1/00 ,  G06F9/30007 ,  G06F9/30036 ,  G06F9/3895 ,  H04L9/0643 ,  H04L2209/125

Abstract: A processing apparatus may comprise logic to preprocess a message according to a selected secure hash algorithm (SHA) algorithm to generate a plurality of message blocks, logic to generate hash values by preparing message schedules in parallel using single instruction multiple data (SIMD) instructions for the plurality of message blocks and to perform compression in serial for the plurality of message blocks, and logic to generate a message digest conforming to the selected SHA algorithm.

Abstract translation: 处理装置可以包括根据所选择的安全散列算法（SHA）算法来预处理消息以产生多个消息块的逻辑，用于通过使用单指令多数据（SIMD）指令并行准备消息调度来生成散列值的逻辑 所述多个消息块并且为所述多个消息块串行地执行压缩，以及用于生成符合所选择的SHA算法的消息摘要的逻辑。